カイヤ ハルヒコ   Kaiya Haruhiko
  海谷 治彦
   所属   神奈川大学  情報学部 計算機科学科
    神奈川大学大学院  理学研究科 理学専攻(情報科学領域)
   職種   教授
言語種別 英語
発行・発表の年月 2015/10
形態種別 その他論文
査読 査読あり
標題 Finding Potential Threats in Several Security Targets for Eliciting Security Requirements
執筆形態 共著
掲載誌名 ICCGI 2015: The 10th International Multi-Conference on Computing in the Global Information Technolo
掲載区分国外
出版社・発行元 IARIA
巻・号・頁 pp.83-92
担当範囲 Method Design
著者・共著者 Haruhiko Kaiya, Shinpei Ogata, Shinpei Hayashi, Motoshi Saeki, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki, and Atsuo Hazeyama.
概要 Threats to existing systems help requirements analysts to elicit security requirements for a new system similar to such systems because security requirements specify how to protect the system against threats and similar systems require similar means for protection. We propose a method of finding potential threats that can be used for eliciting security requirements for such a system. The method enables analysts to find additional security requirements when they have already elicited one or a few threats. The potential threats are derived from several security targets (STs) in the Common Criteria. An ST contains knowledge related to security requirements such as threats and objectives.